The problem isn't that the owner didn't get the data. The problem is that the method for getting the data is that you must beg Tesla for it, rather than just slurping it out of a USB port inside the car.
If Tesla is going to go to the trouble of uploading all this shit to the cloud anyway, the least they can do is give customers a no-questions-asked download button.
I agree with the sentiment, but in practice this is a horrific idea. Make it easy and it’ll be snaffled up by law enforcement, whether covertly, with intimidation, or with routine warrants.
I'd recommend any good sound device that connects digitally, like USB or HDMI/Displayport.
So the answer is that you should get a dedicated sound device, but don't bother looking for an internal card. External devices are easier to connect, won't complicate upgrades, and can be attached to a different machine with less work.
Onboard has always been good enough, it's just that people are usually willing to accept trash.
I'd agree with your recommendation while pointing out that a big part of the benefit from doing this is getting high-quality audio ADC/DAC hardware in the final mixed-signal interface. This can be achieved well with either kind of device, but the external device will be usable longer.
That said, my biggest gripe about external sound cards is introduction of drivers rather than usage of standard bus class protocols, which has a tendency to create "complicated upgrades" problems due to the manufacturer dropping support for the driver over time, causing an unnecessary forced obsolescence for otherwise good external hardware.
> I wasn't aware that WebAuthn didn't have this requirement. I prefer TOTP because I actually like having a second factor in addition to a credential stored on my computer's hard drive (whether a password or a private key in my password manager), but I might be willing to reduce my security posture to get rid of this annoyance.
I've seen passkeys support something like what you're after. The browser will produce a QR code you scan with your phone, and then you authenticate with the passkey via the phone, which then authorizes the original browser.
I'm not absolutely certain that this is part of the spec or how it actually works. I'd like to know. It solves a couple different usability issues.
This is the option I prefer, but only on sites that allow me to enroll more than one device (primary, and backup for if the primary gets lost or damaged). AFAICT, Mercury only allows a single security key.
I have an encrypted offline backup of my TOTP codes, so if I drop my phone on the ground, I don't get locked out of all my accounts. I keep this separate from the encrypted offline backup of the password manager on my computer, and as far as I know, neither has ever been uploaded to anyone else's "cloud." Malware would have to compromise two completely separate platforms to get into my accounts, rather than just iCloud or whatever credentials.
I understand the desire for phish-proof credentials, but—given that I don't click links in emails—my personal threat model ranks a compromised device (via attack against a cloud service provider, or software supply chain attack against a vendor with permission to "auto-update," or whatever) much higher likelihood than me personally falling victim to phishing. I readily admit that's not true for everyone.
> my personal threat model ranks a compromised device ... much higher likelihood than me personally falling victim to phishing
I completely understand that. I'd actually be interested in reading anything practical you might have on that topic if you don't mind. I asked some experts who gave a talk on supply chain security last year ... they didn't have a lot of positive things to say. Developing software feels like playing with fire.
It feels unstoppable, which is why the best I can do is try to mitigate its impact. Some mitigations that come to mind:
The development environment where I'm downloading random libraries is on a completely separate physical machine than my primary computer. I generally spin up a short-lived container for each new coding project, that gets deleted after the resulting code I produce is uploaded somewhere. This is completely separate from the work-supplied machine where I hack on my employer's code.
On my primary computer, my web browser runs in an ephemeral container that resets itself each time I shut it down. My password manager runs in a different, isolated, container. Zoom runs in a different, also isolated, container. And so on.
Wherever possible, I avoid letting my computer automatically sync with cloud services or my phone. If one is compromised, this avoids spreading the contagion. It also limits the amount of data that can be exfiltrated from any single device. Almost all of the persistent data I care about is in Git (I use git-annex for file sync), so there's an audit trail of changes.
My SSH and GPG keys are stored on a hardware key so they can't be easily copied. I set my Yubikey to require a touch each time I authenticate, so my ssh-agent isn't forwarding authentication without a physical action on my part. I cover my webcam when not in use and use an external microphone that requires turning on a preamp.
I try to host my own services using open source tools, rather than trust random SaaS vendors. Each internet-facing service runs in a dedicated container, isolated from the others. IoT devices each get their own VLAN. Most containers and VLANs have firewall rules that only allow outbound connections to whitelisted hosts. Where that's not possible due to the nature of the service (such as with email), I have alerting rules that notify me when they connect somewhere new. That's a "page" level notification if the new connection geolocates to China or Russia.
I take an old laptop with me when traveling, that gets wiped after the trip if I had to cross a border or leave it in a hotel safe.
I have good, frequent backups, on multiple media in multiple offline locations, that are tested regularly, so it's not the end of the world if I have to re-install a compromised device.
> The development environment where I'm downloading random libraries is on a completely separate physical machine than my primary computer. I generally spin up a short-lived container for each new coding project, that gets deleted after the resulting code I produce is uploaded somewhere. This is completely separate from the work-supplied machine where I hack on my employer's code.
Something like VS Code remote dev with a container per project? Just plain docker/podman for containers?
> On my primary computer, my web browser runs in an ephemeral container that resets itself each time I shut it down. My password manager runs in a different, isolated, container. Zoom runs in a different, also isolated, container. And so on.
Qubes, or something else? I've been looking at switching to Linux for a while, but Apple Silicon being as good as it is has made making that leap extremely difficult.
Mostly Linux with systemd-nspawn, also some Kubernetes, plus the occasional full VM. (If I were setting this up from scratch, I'd probably try to figure out how to run my desktop as 100% Kubernetes, using something like k3s, but I don't know how practical things like GPU access or Waypipe forwarding would be via that method.)
I live inside Emacs for most things except browsing the web, either separate instances via SSH, or using TRAMP mode.
If you switch to Linux, I highly recommend configuring your browser with a fake Windows or MacOS user agent string. Our Cloudflare overlords really, really hate Linux users and it sucks to continually get stuck in endless CAPTCHAs. (And doing so probably doesn't hurt fighting against platform-specific attacks, either.)
It’s not about data, it’s customer segmentation. Frequent customers are more price sensitive, and are willing to use the app to get all the discounts, while occasional customers will not, so they can capture both the more price sensitive part of the market while getting higher margins from occasional buyers.
As someone who spent many years segmenting customers and generating personalized marketing offers -- McDonald's is awful at this. I was a 2-3x/monthly customer (USA based) for years (even more frequent a decade ago, but I'm talking about since the app), ordering the exact same core items every time (except during breakfast).
When they began "value meals" last summer (which don't include their flagship items) they also removed the best deals from the app, the ones that did include Big Mac, QPC, 10-nuggets. I've placed one non-breakfast order in 6-8 months, whenever they started this.
I'm just one person, but if a customer declines from an expected 15-20 visits over a half-year period to 1, and you don't adjust your offer algorithm (and you're the biggest restaurant company in the world so no lack of resources), something is seriously wrong.
Whenever this happens to me I keep wondering how much I am of the A/B data test where I'm in the "less important group". Is it possible that their changes engaged (or profited from) the more active (daily/weekly customers) by making your situation worse?
Perhaps. Let's assume that the value meals is a massive hit and they are collecting far more revenue from customers who like it, than they are losing from people like me.
That's the whole point of data analytics and personalized marketing - even if the value meal works for most people they can still go back to sending me the offers and promotions I responded to previously, in an attempt to reverse my recent decline in spend/visitation. The app makes it possible to send individualized offers. There shouldn't be an entire "B" group where they just say, oh well.
They used to have great deals on the app in Germany. I used to go to McDonald's all the time. The deals suck now, and now I only go if I'm really craving a McMuffin Bacon & Egg.
They've captured the user base with the money that corporate was pumping into the app deals, and are in the process of enshittifying it by transferring the value to themselves instead of the users.
This can work in a lot of industries - I am skeptical fast food is one of them. Switching costs are low, alternates are plentiful, and collecting information (reviewing deals/prices across companies) is relatively easy.
If McDonald's enshittifies its deals while continuing to raise prices, it's way too easy for loyal customers to go elsewhere. I'm saying this as a huge fan and extremely loyal customer of McDonald's for decades... they are at serious risk of losing people like me. As I stated, I've gone from 15-20 visits to 1 since last June/July, whenever they made the big change.
We've got similar opinions here. I'm just pointing out that the overall experience here feels familiar, and it wasn't until reading this thread that I really put it together.
I agree with you that I'd be surprised if Enshittification works as well here as it does in tech, but maybe since there's an app involved, they just think they can get away with it. Who knows.
Sure they want user data to observe people's purchasing habits. But they already have that if you always use the same debit or credit cards like most people do.
But the more people use the app, the less cashiers they need and the less ordering kiosks they have to install. Plus customer satisfaction goes up because you can order ahead and your food is ready when you arrive. And getting used to the discounts means you probably won't switch to Burger King or Wendy's.
I think additional user data is a relatively minor part of it.
> you can order ahead and your food is ready when you arrive
That just sounds like a great way to get cold McDonald's...
> I think additional user data is a relatively minor part of it.
You're probably right about that, but I've always undervalued user data because I don't think it's ethical to exploit people like that.
I'm sure that a well-timed push notification suggesting a personalized meal deal right around hungry-o'clock is the real goal of pushing this stupid app on their customers.
The food does NOT start cooking when you order it if you’re picking up at drive thru. It starts cooking when you pull up to drive thru and give the magic code.
In fact if the food is not easy to prepare you get put in a special parking space, where you wait for your order to be prepared. If it includes soft drinks they might serve those before they make you go park.
Disagree on not going to BK/Wendy's. The "deals" game becomes a habit, switching costs are basically zero, people start to comparison shop each app for the best deal (like shopping for air travel). It's a bit of work because there is no single consolidator but it only takes a few seconds to scan each apps offers.
At this point, being a fast food chain that doesnt have an app with deals is probably not viable - but I am very skeptical it generates any loyalty.
I treat food delivery apps the same way. There’s no stickiness for me, I just check all of them and pick the one with the best coupons for my restaurant. A sign that this kind of stuff is very much a commodity. I usually end up on DoorDash, but that’s mainly because the current credit card I use affords discounts for it and as a result wins in the bidding war for my business
They have your name too. From what I understand, the tracking is generally done via something like the hash of the card number though. I've never heard of any legal or compliance issues with that, since the card number itself is not stored.
> Three large fries ordered at the counter costs over ten dollars.
This is kind of hilarious and depressing but I live in a high enough cost of living city in the states and I order mcd’s rarely enough that I cannot tell contextually whether your statement indicates this is overpriced or underpriced.
That is an incredible amount of cooked calories for that price. No idea this was a thing. I do remember being in college and local mcd’s doing the typical “if team wins chicken nuggets are $5 for 20” but never heard of this sports box concept
Dollar bills are usually in terrible condition. Folded corners, creases, dirt. Ten singles take up more space in my wallet than just about anything else I'd put in there.
I'd rather have ten coins. They'll easily fit in the bottom of my pocket, and when I pull out change there's likely to be a useful amount of money in it.
Unfortunately, yes. Drugs are well-known to be the only product for which cash is an acceptable form of payment. The utility of hard currency really took a hit when all the hookers moved to Venmo.
> Restricting arbitrary downloads from curl, wget or bash (or better, any binary) makes these attacks pretty much useless.
Any advice what that looks like for a docker container? My border firewall isn't going to know what binary made the request, and I'm not aware of per-process restrictions of that kind
That's a popular architecture, but I personally wouldn't run part of the application stack (HAProxy) on my network firewall, and would instead opt to move it to the media server.
Suppose you have the media server in its own VLAN/Subnet, chances are good that the firewall is instrumental in enforcing that security boundary. If any part of the layer-7 attack surface is running on the firewall... you probably get the idea.
Interesting, I never considered it part of the application stack. It routes a dozen or so separate services so it feels at home next to Wireguard, DHCP, and DNS.
FYI, this backronym is nonsensical. It would only make sense if the gratuity were paid in advance, and then again only were it called a "tep," to ensure promptness.
If Tesla is going to go to the trouble of uploading all this shit to the cloud anyway, the least they can do is give customers a no-questions-asked download button.